Jump to content
ryan

New post: User Activity module

Recommended Posts

LOVE the new module! I'm adding this to every site for sure. 🙂

In terms of alternatives, besides the SystemNotifications module mentioned in the post there is also Page Edit Soft Lock, but UserActivity is more powerful.

A question: is it possible to use this module via the API to find all users currently logged in by role? Something like (pseudo-code):

$logged_in_editors = $userActivity->findLoggedIn("role=editor");

I think that could be useful.

Thanks @ryan!

  • Like 5

Share this post


Link to post
Share on other sites

Hi Ryan,

thank you! That's a very welcome addition! 😎 I'll buy it soon. One quick question:

How does it handle situations when some people share the same PW user to log in and edit pages?

Share this post


Link to post
Share on other sites
Quote

A question: is it possible to use this module via the API to find all users currently logged in by role? Something like (pseudo-code):

@Robin S Thanks for your feedback. I'd not taken the public API very far on this yet because I wasn't sure exactly what people would want, so it's useful for me to hear what you are looking for here. Beyond the API functions mentioned in the blog post, there actually is more, but it's lower-level, returning arrays of IDs and stuff rather than Users or Pages.  But it has a good foundation to build upon, so I will plan to add some more methods like the one you've mentioned. If you are interested in doing it now, here's a function that would find what you are looking for with the UserActivity module: 

/**
 * Find active users 
 *
 * @param int $seconds Find active within this many seconds (default=90)
 * @param string $roleName Name of role to find or omit for no role filter
 * @return PageArray 
 *
 */
function findActiveUsers($seconds = 90, $roleName = '') {

  $activeUsers = new PageArray();
  $role = $roleName ? wire('roles')->get($roleName) : null;
  $module = wire('modules')->get('UserActivity');
  $options = [ 'seconds' => $seconds ];

  foreach($module->findActivity($options) as $item) {
    $user = wire('users')->get($item['uid']); 
    if(!$user->id || ($role && !$user->hasRole($role))) continue;
    $page = wire('pages')->get($item['pid']); 
    // set some properties to $user in case you want them
    $user->set('activePath', $item['act']);
    $user->set('activeProcess', $item['process']);
    $user->set('activePage', $page);
    $activeUsers->add($user);
  }

  return $activeUsers;
}

// Example
$editors = findActiveUsers(90, 'editor'); 
foreach($editors as $u) {
  echo "<p>User $user->name is at $user->activePath</p>";
}

 

Quote

How does it handle situations when some people share the same PW user to log in and edit pages?

@bernhard I hadn't considered that particular situation, though I wouldn't recommend sharing logins like that. But technically it would be possible to support the situation with this module since those logins would have different session IDs. I'm happy to add it if it's something people are doing. But regardless of whether using this module or not, if you've got an installation where people are sharing logins I would recommend changing it so each user has their own login, otherwise it would be impossible to know who changed what, and one person changing the password could lock out the other users, etc. 

 

  • Like 2

Share this post


Link to post
Share on other sites
5 minutes ago, ryan said:

bernhard I hadn't considered that particular situation, though I wouldn't recommend sharing logins like that. But technically it would be possible to support the situation with this module since those logins would have different session IDs. I'm happy to add it if it's something people are doing. But regardless of whether using this module or not, if you've got an installation where people are sharing logins I would recommend changing it so each user has their own login, otherwise it would be impossible to know who changed what, and one person changing the password could lock out the other users, etc. 

Thx, then I think it's probably the best time for creating seperate accounts for them 🙂 

What if one user has the same page opened in two tabs? This would be the same session but could also be unwanted (and overwriting/losing changes).

  • Like 1

Share this post


Link to post
Share on other sites

@bernhard I had looked into that and having the same page open in 2-windows/tabs in the same session is not a case the module can reliably alert you to. Sessions are not unique per browser window/tab, and browsers don't provide any indication about what window/tab a request comes from. The only foolproof way to detect it is to provide some variable unique to the window/tab in the query string (like ?window_id=123), and then make sure that variable stays in all URLs clicked on or posted to from that point forward. It's not practical, and also breaks as soon as you open a target=_blank window or cmd-click force a request to open in a new window/tab on your own.

  • Like 1

Share this post


Link to post
Share on other sites
6 hours ago, ryan said:

I'm happy to add it if it's something people are doing.

They do it all the time. No matter how many accounts exists... most of the time all people use just one.

Some just don't want to be responsible for changes so they take the credentials from another user or "admin" account they somehow can get.

  • Like 2

Share this post


Link to post
Share on other sites
On 12/1/2019 at 12:50 PM, ryan said:

I wasn't sure exactly what people would want, so it's useful for me to hear what you are looking for here.

@ryan I also have an idea which is somewhat related: is there a possibility to build upon UserActivity so that one can build a module which is made for logging – saving into the database – what (given) users performed in the PW admin? I am thinking of (re)implementing something like Reno's MarkupActivityLog module https://modules.processwire.com/modules/markup-activity-log/

Could some API features of UserActivity be useful when developing such a 3rd party module?

Edited by szabesz
fixed the word "(re)implementing"
  • Like 1

Share this post


Link to post
Share on other sites
On 12/1/2019 at 3:42 PM, ryan said:

I had looked into that and having the same page open in 2-windows/tabs in the same session is not a case the module can reliably alert you to.

@ryanIt is strange you say that as the SystemNotifications module can do it. I've been using SystemNotifications module only because – at least on "my" sites – it does detect the case of same pages opened in different tabs. I am using SystemNotifications even though it has an anoyying bug:

https://processwire.com/talk/topic/9526-strange-errors-following-upgrade/?do=findComment&comment=95893

and it is hard to remove once installed:

https://processwire.com/talk/topic/19834-how-to-deinstall-system-notifications-module/

 

Share this post


Link to post
Share on other sites
On 12/1/2019 at 7:22 PM, wbmnfktr said:
On 12/1/2019 at 12:50 PM, ryan said:

I'm happy to add it if it's something people are doing.

They do it all the time. No matter how many accounts exists... most of the time all people use just one.

I always try to convince clients not to share accounts, but in some cases they flatly express that they will indeed use "shared accounts" no matter what. Their excuse usually boils down to laziness: they do not want to deal with managing users at all. In such a case I ask them at least to call such a user as "shared editor" or similar so that at least we know how to treat that account in question.

On 12/1/2019 at 12:50 PM, ryan said:

But technically it would be possible to support the situation with this module since those logins would have different session IDs. I'm happy to add it if it's something people are doing.

So for the reasons outlined above, some support for this would be welcome, maybe with some additional logging options so that we can track down such activities even days after...

  • Like 3

Share this post


Link to post
Share on other sites

Hi @ryan,

Thanks for the new module!

During the development of a module this week, I wondered whether it was possible to save module config data without the "modules" log being added to. I think this may be a useful addition as I'm finding that when I've got a log open in the admin and a new entry is generated and fetched with AJAX, UserActivity is saving config data (hookProcessWireFinished), and generating another "Saved module 'UserActivity' config data" entry. Perhaps there's a simpler tweak that could be made, e.g. checking if AJAX, but a quiet mode for saveModuleConfigData might be a good addition and solve this very minor issue!

Cheers,

Chris

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.


  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...